Posted
by
timothy
on Tuesday May 28, 2013 @11:54AM
from the casing-the-joint dept.

Taco Cowboy points out reports in The Register and The Jerusalem Post (along with a paywalled article at the WSJ) that say "[Iranian hackers are] responsible for a wave of computer attacks on U.S. corporations, with targets including oil, gas and electricity companies. Unlike the cyber incursions from China, the goal of the Iranian attacks is sabotage rather than espionage. The cyber attacks are seen as attempts to gain control of critical processing systems. The attacks on oil, gas and power firms have so far concentrated on accruing information on how their systems work – a likely first step in a co-ordinated campaign that would eventually result in attacks aimed at disrupting or destroying such infrastructure."

Oh, I'm sorry, this is the persecution complex. Have a nice day, and don't go out that door- that's the Pit of 1,000 Youtube Commenters. Best you don't let them see you, they haven't been fed yet. Mind the chainsaws! Bye now! We'll be seeing you!

Can you provide any citation that the 1979 revolution was supported by the US gov't because from what I've read the US gov't supported the Shah from the beginning to end - that is from overthrowing the democratically elected government and reinstating the Shah to providing CIA assistance to SAVAK in order to suppress dissidents all the way to providing asylum to the Shah when it all fell apart.

I don't think it's a stretch to say that by overthrowing a democratic government instated by moderates and helping

The dissidents SAVAK was busy with consisted of the radical Islamists and the oh so liberal knot heads who were doing everything in their power to give the Islamists another shot at running the country. While the liberal college students were busy playing with US hostages the hardliner Islamists were busy killing the old guard and taking all the power. When they were firmly ensconced in power the liberals who started the whole revolution were killed, imprisoned, or run out of the country. And for the record

Obviously the Shah himself was Iranian and he had Iranian supporters who wanted to remain in power just as Kim Jong Il is Korean and has Korean supporters who want him to remain in power but the point is that those Iranians were a political minority just as I suspect that North Koreans who are in favor of the current regime are a minority.

Suppose that tomorrow North Koreans overthrow Kim Jong Il and a foreign government helps reinstate him against the will of the majority - do you not see anything wrong wi

I'd suggest you are wrong. It's people like you, who are willing to defend murdering sociopaths, that caused this problem in the first place. THE reason Iran hates us today is because of what a bunch of sociopaths did to the country back in 1953. Sadly, sociopaths never seem to fucking learn.

I don't know if you noticed, but that revolution in 1979 was to overthrow the Shah... who we supported, and to kick our ass out (because we supported the Shah). Now, do i remember Carter abandoning the Shah? No, because it didn't happen. The Shah was here in the US when all the crap came down for medical treatment.

Iran Hacks Energy Firms, U.S. SaysOil-and-Gas, Power Companies' Control Systems Believed to Be Infiltrated; Fear of Sabotage PotentialBy SIOBHAN GORMAN and DANNY YADRON

WASHINGTON--Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching infiltration and surveillance missions against the computer networks running energy companies, according to current and former U.S. officials.

In the latest operations, the Iranian hackers were able to gain access to control-system software that could allow them to manipulate oil or gas pipelines. They proceeded "far enough to worry people," one former official said.

The developments show that while Chinese hackers pose widespread intellectual-property-theft and espionage concerns, the Iranian assaults have emerged as far more worrisome because of their apparent hostile intent and potential for damage or sabotage.

U.S. officials consider this set of Iranian infiltrations to be more alarming than another continuing campaign, also believed to be backed by Tehran, that disrupts bank websites by "denial of service" strikes. Unlike those, the more recent campaigns actually have broken into computer systems to gain information on the controls running company operations and, through reconnaissance, acquired the means to disrupt or destroy them in the future, the U.S. officials said.

In response, U.S. officials warn that Iran is edging closer to provoking U.S. retaliation.

"This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow," a U.S. official said. "What they have done so far has certainly been noticed, and they should be cautious."

The U.S. has previously launched its own cyberattacks against Iran. The Stuxnet worm, developed and launched by the U.S. and Israel, sabotaged an Iranian nuclear facility.

The latest campaign, which the U.S. believes has direct backing from the Iranian government, has focused on the control systems that run oil and gas companies and, more recently, power companies, current and former officials said. Control systems run the operations of critical infrastructure, regulating the flow of oil and gas or electricity, turning systems on and off, and controlling key functions.

In theory, manipulating the software could be used to delete important data or turn off key safety features such as the automatic lubrication of a generator, experts said.

Current and former U.S. officials wouldn't name the energy companies involved in the attacks. or say how many there were. But among the targets were oil and gas companies along the Canadian border, where many firms have operations, two former officials said.

The officials also wouldn't detail the precise nature of the evidence of Iranian involvement. But the U.S. has "technical evidence" directly linking the hacking of energy companies to Iran, one former U.S. official said.

Iranian officials deny any involvement in hacking. "Although Iran has been repeatedly the target of state-sponsored cyberattacks, attempting to target Iran's civilian nuclear facilities, power grids, oil terminals and other industrial sectors, Iran has not ever retaliated against those illegal cyberattacks," said Iran's spokesman at the United Nations, Alireza Miryousefi. "In the lack of international legal instruments to address cyberwarfare, Iran has been at the forefront of calling for creating such instruments. We categorically reject these baseless allegations used only to divert attentions."

So far, the infiltrations don't appear to have involved theft of data or disruption of operations. But officials worry the reconn

Israel’s existence is an “insult to all humanity,” Iranian President Mahmoud Ahmadinejad said on Friday, in one of his sharpest attacks yet against the Jewish state, which is currently debating whether to attack Iran over its nuclear program.

AFP - Israel is a "cancerous tumour" that will soon be finished off, Iranian President Mahmoud Ahmadinejad on Friday told demonstrators holding an annual protest against the existence of the Jewish state.

"The Zionist regime and the Zionists are a cancerous tumour. Even if one cell of them is left in one inch of (Palestinian) land, in the future this story (of Israel's existence) will repeat," he said in a speech in Tehran marking Iran's Quds Day that was broadcast on state television.

"The nations of the region will soon finish off the usurper Zionists in the Palestinian land.... A new Middle East will definitely be formed. With the grace of God and help of the nations, in the new Middle East there will be no trace of the Americans and Zionists," he said.

There was more than the Stuxnet attack on the uranium centrifugues. Iran alleges there were cyberwarfare attacks on their oil pipeline infrastructure. Plus there have been targeted assassinations of Iranian nuclear scientists.

As is common in this matter, you have things badly confused. Israel did nothing to Iran to deserve they way the new Iranian government turned on them. If you think otherwise, please provide a list. One hint to reduce the chances of you going down the wrong path again: the Palestinians are not Iranian, and the Iranians are not Arabs.

As to "untermenschen," that would be the view of post-revolution Iranian government, and many Arabs living in Palestine.

On Monday, the Iranian Foreign Ministry held an international conference. Nothing unusual in that: Foreign ministries hold conferences, mostly dull ones, all the time. But this one was different. For one, "Review of the Holocaust: Global Vision" dealt with history, not current politics. Instead of the usual suspects — deputy ministers and the like — the invitees seem to have included David Duke, a former Ku Klux Klan leader; Georges Theil, a Frenchman who has called the Holocaust "an enormous lie"; and Fredrick Toeben, a German-born Australian whose specialty is the denial of Nazi gas chambers.

The guest list was selective: No one with any academic eminence, or indeed any scholarly credentials, was invited. One Palestinian scholar, Khaled Mahameed, was asked to come but then barred because he holds an Israeli passport — and also perhaps because he, unlike other guests, believes that the Holocaust really did happen.

In response, Europe, America, and Israel expressed official outrage. The German government, to its credit, organized a counter-conference....

Here we go again. Some one who hates jews and is going to describe them like some kind of aliens from outer space who are inhabiting the bodies of humans to take over the world. The sooner you get rid of your idiotic ravings the better you and people like you will be. You're your own worst enemy, really.

Curious to know who the fuck made us God to say who can have nuclear energy or not. You want to bitch and whine that the Iranians are flexing their cyberattack muscles, well, too fucking bad; we started it. You simply want to make some stupid fucking excuse as to why you are right, and they are wrong; that's something you really shouldn't do when you haven't taken the high road.

Actually, from a military perspective, Iran shares a lot with Iraq under Sadam Hussein. Hussein with the support of the Ba'ath party installed a lot of loyal generals and political insiders, but the lower ranks hated him. Same thing is going on now in Iran; you have a number of religious zealot loyalists who are close to the "supreme leader" Ali Khamenei and his closest imams, and the lower ranks could'nt give a shit. Plus 2/3rds of Iran's population is under 30, and they're wanting iPods, not Jihads. Iran'

Why is it okay for the US to sponsor cyber attacks, but not the Iranians?

I'm not going to get all philosophical as that's not my shtick. I'm not even going to say it's "okay" for us to do it and not them (did somebody actually say that?). As an American I'd rather the US be successful in its attacks and the "enemy" not. I don't pretend it's anything more than that.

That doesn't mean I'm a bang the war drum type about Iran. However I'd rather they not get nuclear weapons. I'm not sure how far the US should go to prevent that (I'd certainly be opposed to a full blown war) but Stuxnet was a clever technique that didn't even hurt anyone. My attitude is "well done". I don't want Iran to be successful in a similar attack on the US. So far it seems they're only gathering intel, but the possibility of targeting our infrastructure is frightening. It's also potentially much more damaging than destroying some centrifuges.

As an American I'd rather the US be successful in its attacks and the "enemy" not.

As an American I'd rather the US not attack anyone and the "enemy" not attack us either.

The real scandal is that hardening the IT infrastructure around these utilities is easy, it just costs money.The first step is getting the SCADA industry to pull its head out of its ass and not sell anything that hasn't been aggressively vetted.

The government can create momentum for industry to design and build secure hardware interfaces.All that's required is a timeline for uptake and a regulatory structure that mandate

Don't you see the flaw in that attitude? Consider that your Iranian counterpart is taking exactly the same attitude. Damage the US economy and infrastructure to make invasion harder. Develop nuclear weapons as the ultimate deterrent.

I think of lot of Americans don't realize that the US currently has the most aggressive and threatening stance. Yeah, occasionally some Iranian politician or cleric makes a comment about wanting to destroy the US, but the the US actually does have the capability to carry out the

Don't you see the flaw in that attitude? Consider that your Iranian counterpart is taking exactly the same attitude. Damage the US economy and infrastructure to make invasion harder. Develop nuclear weapons as the ultimate deterrent.

I wish we could go back in time and not get involved in that idiotic coup to ensure BP's profits (Truman refused to do it). Unfortunately we can't. Since 1979 there has been a lot of (thankfully) low level hostilities between the US and Iran. Stuxnet, while one can debate its effectiveness, was a very low level "hostility" (no one hurt) and at least intended to serve a decent purpose.

The Iraq war probably did 100x as much as Stuxnet to make the Iranians leery. "Gee, the Great Satan will invade countries w

For the same reason we arrest Russian/Chinese/Whatever spies in America, but send our own spies to Russia/China/Whatever.

I mean, seriously? How is this even a question? This got ranked "insightful"? Really, Slashdot?

I don't think anyone (well, anyone even half sane) would argue that it's objectively moral for the US to engage in espionage/cyberwarfare against another country, but objectively immoral for them to do it to us. It's equally moral (or immoral), no matter which direction it goes, so you make sure

Why is it okay for the US to sponsor cyber attacks, but not the Iranians? If it is an act of war, then did Congress authorize the US act of war?

The difference is that the US was trying to prevent Iran from getting ahold of weapons/technology that it shouldn't have. Iran is out to destroy existing infrastructure. So the difference is scale. The US says "we'll try to stop X from happening", and Iran says "I'm a bull in a china shop trying to destroy everything".

I'm nominating you for Secretary of State. It's a brilliant diplomatic strategy. The US and Iran can become allies in a war against Adobe. Then in the spirit of George Washington's advice about international affairs, we can say we're sorry about the shah, they can say they're sorry about the hostages, and we can put the whole mess behind us. Bonus points for destroying Adobe.

I don't understand. Is this actually a threat or is it just an attempt to break into some webservers/desktops?
Why would the SCADA system controlling things like gas and power be connected to any machine with an Internet routable IP or that is able to connect to any machine with an Internet routable IP? Is it impractical to only use bright red network cables for Important Things and, in those situations where it's worth the compromise, traverse a wireless link or a leased line (ie. phone system directly, n

Why would the SCADA system controlling things like gas and power be connected to any machine with an Internet routable IP or that is able to connect to any machine with an Internet routable IP?

Like most topics, we've beat this one to death in the past. Yes, anyone with half a brain wouldn't do that. Unfortunately, among persons setting up SCADA systems, having some functional neurons seems to be something of an edge case.

RemoteMon Corp. develops a cool new monitoring system that lets utilities keep an eye on their facilities remotely using the internet to create the connection rather than an expensive dedicated line. Utilities love it because it reduces their costs hugely and lets them set up a cool looking operations centre with big monitors so they feel like NASA or something. Seriously, they love those.

RemoteMon tells the utilities that they need to set up secure passwords and change them regularly.

And you're an uninformed doofus. As a guy responsible for a SCADA system I'll tell you that one of the first things I wanted to do was disconnect all external connectivity. That was when I got hired and before I understood all of the intricacies of what the requirements are.

Sounds like you started out as an uninformed doofus too.

We have to share real time data with all of our neighboring utilities as per federal law. Marketers and accountants need access to data to make decisions in real time. Federal agencies such as WECC demand that we provide them with things like load forecast data, spinning reserve schedules, tie-line outages, etc so that they can perform real time studies.

1. This may be a naive question, but it sounds like all that data is stuff that is an output from the actual SCADA part of your plant. Cut a few wires and you can convert a two-way link into a one-way link. Read all you want but you can't control the plant from an external network. Would that work?

2. How was this stuff handled before the Internet?

3. If worse comes to worse maybe we need a WAN other than the Internet for this type of stuff.

In my experience running utility simulation models and querying system conditions for model initial conditions, that is exactly what SCADA does. SCADA runs controls, every 15 minutes or so SCADA dumps integrated data to the system condition database.

Of course that means there is no air gap. SCADA is sending data to the database via message queues. Operators are controlling the system via separate paths. These private networks are as well secured as any digital infrastructure outside spook agencies.

Because people take network security about as seriously as they take nutrition. Everyone says they want to do the right thing, but then at the first sign of inconvenience they're back to their bad habits.

We have stopped maintaining our bridges and roads, and we have reduced infrastructure spending drastically. By the time you Iranians figure out how to destroy American infrastructure, there will be nothing left for you to destroy. Fools on you Iranians.

Holland is a tiny homogenous country. Singapore is a tiny multi-ethnic (Chinese, Malay & Tamil) country. That you mention Holland but not Singapore is telling. Anyway, what is possible for these tiny countries is not possible for big countries.

Yes, because economics of scale show that it simply can't work that way. Wait....

The problem in the US isn't our size, it's that a portion of the country who has no idea of what citizenship, patriotism, or responsibility means is now the base of one of the political parties, and is doing everything it can to emulate insurgents with the goal of destroying us as a nation. If "secession" ever comes up as a possible alternative, you are no longer working for the betterment of the United States or it's citiz

I kind of agree (though one shouldn't get too starry eyed about the past). However the poster wrote "we never learned how to work together". He also mentioned our federal system of government, which we've always had.

Firstly, how do they know it was Iranian hackers? The linked article is the NYT reporting US officials as saying that the attacks came from Iran, and that the attacks could not be carried out without the regime's knowledge. Not a direct quote, btw - a paraphrasing of something a government official said, paraphrased by the reporter, and punched up by the editor for more impact.

Yet the register first line reads: "Iranian hackers are launching state-sanctioned attacks on US energy firms and hope to sabotage critical infrastructure by targeting industrial control systems, according to American officials."

There's a difference between attacks originating in Iran and attacks sponsored by the regime. Also, it's difficult at best to determine the origin of an attack - are they sure these attacks weren't proxied *through* Iran?

Secondly, how do they know that the goal is sabotage, when no sabotage has actually occurred? How do they know that this isn't just some bot herders trying to find more spam outlets? Certainly "accruing information on how their systems work" sounds more like a port scan or a vulnerability scan - which would be the first step regardless of the intent.

You act as though someone were calling for a nuclear attack. Even if this story is total garbage, I hope it gets lots of attention. Something has to be done about our insecure SCADA/infrastructure, regardless of whether you think the threat is from the Evil [insert whatever you hate here] or a bored kid in the basement.

Iran has some pretty strict Internet rules and monitoring is most certainly employed. While it could be random hackers inside Iran, the chances of them executing a long term project and not being noticed are slim to none. The proxy scenario seems also unlikely as an anonymous proxy service is another thing you don't run in Iran without someone noticing. I think it is entirely safe to say that they were Iranian, and that the government knew about it.

As for the goal, presumably, the US government knows that the goal is sabotage by the selection of the materials targeted. If someone is downloading, say, information on security protocols and failure scenarios, you can pretty much bet that they aren't just doing that just because they are curious. Yes, perhaps there is room for doubt, but there are some things that some bored hacker isn't going to look for... isn't even going to know what to look for... without having experience. This is also a reason that it is probably Iranian government as well: they likely have experts who tell the hackers what they need to be looking for. Hackers, while smart, are not necessarily knowledgeable about infrastructure. They may know how to get into things, but they probably don't know what they are looking for once they are in.

I agree that the ultimate outcome is in doubt: learning how to sabotage the US infrastructure is not the same as actually doing it. Just like testing nuclear weapons doesn't actually mean that you intend to use them.

I also agree that releasing this information has an ulterior motive. It is PR for the agencies involved. In that sense, you have to take it with a grain of salt, but it doesn't mean it is fabricated or a scare tactic to cover an upcoming war. It's basically a department telling taxpayers that they need to continue funding them, or this could happen. A scare tactic, but for money. As much as I don't like that they do this, given how political that the budget process has become, it is probably understandable. It is also important to understand that, if these departments do their job, no one ever hears about them, because they generate no news. Sometimes, you need people to know what they are doing for the money that they pay you. This is likely what that is.

If you have one ant trekking across your kitchen to steal food, contaminating what it doesn't steal, you may not notice it. But if you have a swarm of ants trekking across the floor, you are more likely to notice them and take appropriate action. Unless you are a government agency, in which case you send a diplomat to tell the ants that if they don't stop you are going to get really slightly theatrically concerned, and the process of trying to figure out how to make a face that properly conveys that will make you annoyed at them.

The real question is which of the following is going to happen first:

The Chinese hackers attack the Iranian hackers before they draw attention to targets the Chinese want. If you're a spy infiltrating an installation and you come across some amateur spy who is also infiltrating, you kill the spy and hide the body in a ventilation shaft before he gets caught and the place gets locked down.

The Iranian hackers accidentally disable the systems that are giving the Chinese access to U.S. secrets.

It could work since everybody now knows that nerds are funny. Maybe a sequel to the Big Bang Theory. Penny gets a job as a SCADA security engineer, but gets distracted by the bad guys when they deliver a great pair of new shoes to her. Sheldon could easily fix it, but he too is distracted because it's Tuesday and he had French toast instead of oatmeal.

Ventilation shaft are terrible places to hide bodies. Bodies go off fast, especially if they lose control of their bowels. That nasty smell is going to get spread all around the building pretty fast if you stick it in the ventilation system.

When you extrapolate1) the increasingly-vaguely-worded and -legally-authorized reach of national governments to act in what might be defined broadly as "military" ways wherever they see fit

2) plus the ever-increasing capabilities of non-state actors (some call them terrorists, when it's convenient) and the state-sponsors that back them, not to mention the actual inability of states to closely control these assets

3) the (current) ability to execute such actions through proxies/remotely/etc such that they are nearly perfectly anonymous

The intersection of these lines seems inevitable: a non-state actor (perhaps sponsored by a state, whether or not this specific action IS sponsored/authorized) is going to accomplish something really heinous, like a Chernobyl-level meltdown, or perhaps the destruction of the electrical grid across the East Coast of the US (something that costs $billions and/or thousands+ of lives).

What happens then? If the US is catapulted into a paroxysm of 10 years of war over the relatively puny-but-showy 3000 deaths of the WTC attack, what would we do if that casualty number was 20,000? 100,000?

"Someone will need to pay dearly" would seem to be the logical response of this otherwise-torpid democracy. But what if we don't know who that is, or (almost worse) are only "pretty sure" we know who it is?

But the USA are the good guys, it's normal they do this!
The problem is the Iranian don't realise they are the bad guys ; I'm sure they are reasonable and would stop everything if they knew they were in the wrong.

"We need to start this war with Iran. No one believes they have a bomb, and we've been saying they're 2 years away, since 1997. I know! Tell Cybercommand to "probe" US infrastructure, hopping from all the compromised router firmware, behind Iran's BGP space.

Give the story to Jerusalem Post - from "official sources". Don't worry about "leak prosecutions". We'll reserve those for the nosy bastards who try and discover that this is how we operate."

You are the troll. And a very low-value poster. The Guardian link refers to a nano-diamond creation device supplied by Russia for industry, and which "western" intelligence tried to spin as related to weapons research. Here is the thorough debunking from Moon of Alabama. [moonofalabama.org] The "reporting" on nano diamonds was spanked SO BADLY by this blog, that all traces disappeared from press and punditry before November ended.

The whole issue is a misrepresentation of the highest order - from 11/11. Let me update you,

You are the troll. And a very low-value poster. The Guardian link refers to a nano-diamond creation device supplied by Russia for industry, and which "western" intelligence tried to spin as related to weapons research. Here is the thorough debunking from Moon of Alabama. [moonofalabama.org] The "reporting" on nano diamonds was spanked SO BADLY by this blog, that all traces disappeared from press and punditry before November ended.

My posts do tend to have a very low value for perpetuating the lies and distractions used to defend the terrorist sponsoring [cfr.org] and would be genocidal Iranian regime. I don't see that as a negative. The MoonbatofAlabama blog didn't really serve much purpose other than to provide another distractions to fool the unwary.

In the debate about the November 11 International Atomic Energy Agency (IAEA) safeguards report, some have falsely implied that Vyacheslav Danilenko did not know anything about nuclear weapons, or that he worked solely on nanodiamonds from the beginning of his research career, even though he worked at Chelyabinsk-70 for almost thirty years.1 The open source record demonstrates that these statements are incorrect and that Danilenko was involved in developing and using inwardly converging high pressure explosions and diagnostic systems to measure their effectiveness vital to the development of Soviet nuclear weapons. As such, the open source record supports that when he assisted Iran in the 1990s, he was an ex-Soviet nuclear weapons expert. Given his background, Danilenko should have had reason to believe that his knowledge and expertise related to high explosive compression in nuclear weapons could be misused by the Iranians, even if he limited himself to advising on strictly non-nuclear weapon applications.

In his statement to the IAEA Danilenko denied helping Iran build nuclear weapons but he admitted that he could not exclude that the information he provided was used for other purposes. Despite his denials, the IAEA suspects he helped Iran more than he has admitted so far. . .

At present they lack the means, such as working nuclear weapons, not the desire. I have to say that I find it astonishing that this might somehow be news to you. It is a fairly widely held goal in the region.

I think its a lot less hatred of Jews than it is hatred for people who act like duochebags all the time, stealing their land, assassinating their leaders, murdering their children, and basically acting more like that group of Germans you brought up than they should... all the while causing more and more problems for the US (where i live) because, again, they seem to prefer being douchebags instead of acting like civilized people.

Me personally... i don't give a fuck what religion they are; if they act like

http://en.wikipedia.org/wiki/Taqiyya [wikipedia.org] ! What the fuck? Rogue state... rogue... you must be fucking retarded. Just the fact that you've even used that word is such a profound example of stupidity that I truly feel saddened. I do not say that for your benefit -- I care not for your opinion, fyi. Either you're really an idiot, or, more likely, you are not what you claim to be -- a fraud. You have a "moral" duty to lie, that's fine. It makes you a liar. There is no reason to trust you, and thank you for the proo

Oh no, you have that completely wrong. There clearly are far worse regimes in the Middle, including those that kill and mistreat Palestinians. Many of the allegations against Israel, on the other hand, are simply fabricated or greatly exaggerated, so there is often little if anything that needs to be excused. It makes no sense to appologize for an imaginary massacre.

For some reason there are people that prefer to condemn Israel over a fabricated claim of mass murder than the genuine mass murder by other

Oh Shut up you damn air breathers. Us water breathers are still working on killing all of you off. Just you wait until our master plan with Global Warming comes through. You'll soon be swiming. Good eatings to you.

The big question is why "critical" infrastructure is tied directly to the internet?

Why not? "Critical" does not mean "vulnerable". IAAESE*. It is not that hard to create a system that is not "hackable" in a dangerous way. You just need to design in multiple levels of safety:

1. Top level GUI2. Control system running in a separate process, that sanity checks any input from the GUI.3. A firmware monitor running on a hardened 8-bit processor (8051, AVR, etc.), that runs a watchdog timer and scans the system to ensure all parameters are within safe limits.4. Mechanical interlocks, governors, brakes, fuses, etc.

I have read plenty of stories about how hackers will drop elevators full of passengers into the basement, and turn traffic lights "all green". But anyone that works on those systems will tell you that it is all baloney. It is physically impossible to do that from software. That kind of sabotage would need at least a crowbar and a soldering iron.

I think that what is really going on is the industry is promoting these scare stories in the hope of getting government pork dollars to "fix the problem".

The steps you mention are good ones, but an air gap is still a very good step in that defense in depth approach. Also, several of the steps you mention avoid damage to systems, which is always a good idea (even if just protecting against your own software problems). However, they don't necessarily guard against interruption of service. For things like the electrical grid that can be serious. Bonus points if you can cause a cascade failure.

I have read plenty of stories about how hackers will drop elevators full of passengers into the basement, and turn traffic lights "all green". But anyone that works on those systems will tell you that it is all baloney. It is physically impossible to do that from software.

The steps you mention are good ones, but an air gap is still a very good step in that defense in depth approach.

Maybe in some situations. In others it can make the situation worse. If you disconnect everything, and have to send out a truck to make an adjustment at a substation, then you have a problem when there is a big storm and not enough trucks. For most sensibly designed systems, disconnecting from the network will likely cause more problems than it will prevent.

However, they don't necessarily guard against interruption of service.

I once worked on a control system for a hydroelectric dam. The software could adjust the gates to control the flow of water to adapt to electrical demand, but only within certain limits, which were set depending on expected demand. To go outside those limits, a worker had to manually extract and reinsert a steel rod. It is also common in coal/gas/nuke plants to require manual intervention to shutdown a generator, or even reduce the power into the "brown-out" zone. Since that is something that will almost never need to happen, requiring manual intervention is reasonable. Designing a system to prevent a denial of service is harder than just preventing catastrophic failure, but it is still possible.

If you disconnect everything, and have to send out a truck to make an adjustment at a substation, then you have a problem when there is a big storm and not enough trucks.

Makes sense, but I still have to wonder how it was done before the Internet. More trucks, or was there an interim approach that used a communication link other than the Internet?

It is also common in coal/gas/nuke plants to require manual intervention to shutdown a generator, or even reduce the power into the "brown-out" zone.

Sensible and good to know, but let me play armchair terrorist. Admittedly this scenario is much more far fetched (if possible at all) but I wonder if playing with the automatic adjustments would let you mess up the stability of the grid.

What would happen if word went out to power stations to disconnect from the Internet? Correct m

I'm a chemical engineer with a bit of experience in designing control systems. Based on the systems I've seen in the field, I too would argue that air-gap-by-default is better in most circumstances.

Most plants have both vastly oversized equipment (especially heat exchangers and pumps) and catastrophic failure modes that can easily be reached by all those pieces operating within limits - it's the "swiss cheese" model of failure. Add a "pretty" control system like DeltaV or ABB that a) usually runs on Windo

I was arguing for complete disconnection from the Internet, which ShanghaiBill was arguing was both impractical for a power plant (all the info they have to share, monitoring substations etc.) and unnecessary (manual intervention required for potentially destructive operations). It sounds like what you're saying is that it's practically impossible to have simple manual control requirements for everything in a chemical plant. Maybe complete Internet connect would be

By air gap I mean that I think that DCS systems should by default be fully disconnected from the Internet, e.g. instrument engineer workstations should be on a different physical network and they have to have two computers to do their job - one to check email and do MSOffice stuff, and another that they develop the DCS logic on. This is very inconvenient for both the instrument engineers and the normal manufacturing engineers (who just need read-only access), leading

Thank you for contributing to the overall naive attitude American industry has for securing critical systems.

You're welcome. But my experience is that the people that design and operate critical systems are not at all naive. They have a very good appreciation for the risk. Let's look at some numbers:

Number of Americans deprived of power in the last year because of lightning: millions.Number of Americans deprived of power in the last year because of flooding or storm surges: millions.Number of Americans deprived of power in the last year because of TERRORISM: zero.

I'm not an embedded system engineer, but I've done a system for low speed monitoring which has worked out well, allowing for information to be obtained, but keeping the private stuff private. It isn't a 100% perfect solution, but for a lot of needs, it functions well.

Create two network segments, one "public" in the sense that it is connected somehow to the Internet, and one "private" in that it has no connections.

Place two machines on each subnet. They are connected by a null-modem cable with the a set of